mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2025-12-28 09:13:09 -06:00
Code Issues Packages Projects Releases Wiki Activity

Check appservice usernames using correct function

Browse source
This commit is contained in:
Neil Alexander 2021-03-04 13:14:16 +00:00
parent 88c381e0fc
commit 2e70ef4403
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
2 changed files with 21 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
clientapi/routing/register.go
View file

@ -46,6 +46,7 @@ import (
"github.com/matrix-org/gomatrixserverlib/tokens" "github.com/matrix-org/gomatrixserverlib/tokens"
"github.com/matrix-org/util" "github.com/matrix-org/util"
"github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus"
"github.com/sirupsen/logrus"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
) )
@ -496,12 +497,21 @@ func Register(
r.Username = strconv.FormatInt(id, 10) r.Username = strconv.FormatInt(id, 10)
} }
// Is this an appservice registration? It will be if the access
// token is supplied
accessToken, accessTokenErr := auth.ExtractAccessToken(req)
// Squash username to all lowercase letters // Squash username to all lowercase letters
r.Username = strings.ToLower(r.Username) r.Username = strings.ToLower(r.Username)
if r.Auth.Type == authtypes.LoginTypeApplicationService || accessTokenErr == nil {
if resErr = validateApplicationServiceUsername(r.Username); resErr != nil {
return *resErr
}
} else {
if resErr = validateUsername(r.Username); resErr != nil { if resErr = validateUsername(r.Username); resErr != nil {
return *resErr return *resErr
} }
}
if resErr = validatePassword(r.Password); resErr != nil { if resErr = validatePassword(r.Password); resErr != nil {
return *resErr return *resErr
} }
@ -513,7 +523,7 @@ func Register(
"session_id": r.Auth.Session, "session_id": r.Auth.Session,
}).Info("Processing registration request") }).Info("Processing registration request")
return handleRegistrationFlow(req, r, sessionID, cfg, userAPI) return handleRegistrationFlow(req, r, sessionID, cfg, userAPI, accessToken, accessTokenErr)
} }
func handleGuestRegistration( func handleGuestRegistration(
@ -579,6 +589,8 @@ func handleRegistrationFlow(
sessionID string, sessionID string,
cfg *config.ClientAPI, cfg *config.ClientAPI,
userAPI userapi.UserInternalAPI, userAPI userapi.UserInternalAPI,
accessToken string,
accessTokenErr error,
) util.JSONResponse { ) util.JSONResponse {
// TODO: Shared secret registration (create new user scripts) // TODO: Shared secret registration (create new user scripts)
// TODO: Enable registration config flag // TODO: Enable registration config flag
@ -588,7 +600,6 @@ func handleRegistrationFlow(
// TODO: Handle mapping registrationRequest parameters into session parameters // TODO: Handle mapping registrationRequest parameters into session parameters
// TODO: email / msisdn auth types. // TODO: email / msisdn auth types.
accessToken, accessTokenErr := auth.ExtractAccessToken(req)
// Appservices are special and are not affected by disabled // Appservices are special and are not affected by disabled
// registration or user exclusivity. We'll go onto the appservice // registration or user exclusivity. We'll go onto the appservice
@ -680,6 +691,8 @@ func handleApplicationServiceRegistration(
cfg *config.ClientAPI, cfg *config.ClientAPI,
userAPI userapi.UserInternalAPI, userAPI userapi.UserInternalAPI,
) util.JSONResponse { ) util.JSONResponse {
logrus.Warnf("APPSERVICE Is appservice registration %q", r.Username)
// Check if we previously had issues extracting the access token from the // Check if we previously had issues extracting the access token from the
// request. // request.
if tokenErr != nil { if tokenErr != nil {

3
sytest-whitelist
View file

@ -510,3 +510,6 @@ Can pass a JSON filter as a query parameter
Local room members can get room messages Local room members can get room messages
Remote room members can get room messages Remote room members can get room messages
Guest users can send messages to guest_access rooms if joined Guest users can send messages to guest_access rooms if joined
AS can create a user
AS can create a user with an underscore
AS can create a user with inhibit_login